- Open Positions 1
- Experience Less Than 1 Year
- Qualifications Degree Bachelor
The Threat Analysis function within the SOC team is chartered with the identification, analysis and response to a variety of threats to the security of the Bank. It incorporates Threat Monitoring, Threat Intelligence and Incident response.
Conduct alert and event analysis throughout the entire event life cycle:
- Identify system and network anomalies effectively.
- Produce analytical, detailed, and well-organized documentation of threat monitoring analysis.
- Escalate for incident response as necessary.
- Assign defensive and proactive mitigation requests, and track to closure.
- Develop high-fidelity alert and detection rules.

Conduct threat research and analysis:
- Conduct intelligence analysis, and formulate threat impact determination.
- Analyze the SMBC environment for exposure and activity related to known Indicators of Compromise (IoCs).
- Validate existing mitigations against real-time threat actor Tactics, Techniques, and Procedures (TTPs).
- Adapt analysis procedures to threat actor TTPs.
- Assign defensive and proactive mitigation requests, and track to closure.

Assist with performing system and network incident response, containment, and recovery activities:
- Respond to alerts resulting from vetted intelligence hand-offs.
- Execute comprehensive and complete incident response tasks and hand-offs.
- Provide support for incidents (i.e., event analysis, malware analysis, forensics analysis, decryption and de-obfuscation, etc.).
- Escalate incidents to SOC leadership, who will then escalate to the Cyber Incident Response Team (CIRT).
- Identify and extract intelligence and static and behavioral IoCs (malware, encrypted traffic).
- Develop and request custom alert and detection rules.
- Execute comprehensive and complete incident response activities and hand-offs.
- Assign proactive, defensive, and rapid response mitigation requests.
- Effectively manage incident response activities with clear communication, coordination, and tracking of tasks.